Published by Peter Fisher. Modified over 6 years ago.
1
Ethics, Part 2 Chapter 5 pp. 153-169
2017 National Income Tax Workbook™
2
p. 153 Introduction
Cybersecurity
Risk of a cyberattack
Cybersecurity breaches
Cost of a cybersecurity breach
Risk management
3
p. 154 Continuing Education
The duty to safeguard client privacy and security is an ethical duty.
Per the IRS, identity theft and data security programs that focus on enhancing tax professional awareness of protecting client data can also qualify for continuing education credit in the federal tax law category.
4
p. 154 Risk of Cyberattack
Data breaches increased 40% in 2016
Small businesses at greater risk because less time, money, and expertise to defend against cyberattack
As big businesses become more secure, attackers target small businesses
Attackers specifically targeting tax practices
5
Cybersecurity Breaches pp. 155-157
Hacking
Phishing
Denial-of-Service (DoS)
Malicious Code
Theft or Loss of Device
Employee/Vendor Error
6
p. 155 Hacking
Exploiting vulnerabilities to gain unauthorized access
Download virus
Unsecure wireless
Unauthorized access to password
Steal info or shut down the system
7
p Example 5.1 Hackers broke into retail credit card system of T.J. Maxx and Marshalls. Intercepted wireless transfers. Stole more than 90,000,000 credit and debit card numbers.
8
p Phishing
Email that looks legit but designed to steal confidential information
In 2016 IRS saw 400% increase in phishing and malware incidents
9
Example 5.2 p. 155
New hire at the bank got a welcome email
Appeared to come from HR
Asked for DOB and SSN
Really from third party trying to get confidential info
10
p. 155 Denial-of-Service Attacks
Sends flood of requests to a web page so that the server crashes
Legit users cannot access the system or the website
11
pp Example 5.3
DoS attackers hit Dyn Data Center and overwhelmed systems with junk data traffic
Started on the East Coast and then international
Disrupted access to Twitter, Netflix, and PayPal
12
p Malicious Code
Gives the computer incorrect or destructive instructions
Designed to damage, disrupt, steal
Comes from infected drive, spam, hacked webpage
13
p. 156 Example 5.4 Attackers planted malware on Hannaford Bros. servers. Intercepted payment card data. Forwarded up to 4.2M stolen card numbers overseas
14
Other Malware p. 156
Viruses – alter, replicate, and damage
Trojan Horses – loss or theft of data
Ransomware – blocks access to data
15
p Example 5.5
2017 ransomware attack began in Europe and Asia, then spread.
Attackers encrypted files, locking more than 200K computers in over 150 countries.
Display screen demanded $300 in Bitcoin to restore the files.
16
Spyware and Adware p. 157
Spyware - may display advertising, collect personal information, or change the configuration of a computer
Adware - displays unwanted advertisements (like pop-ups), redirects search requests to advertising websites, and collects marketing data
17
Theft or Loss of Device p. 157
Breach because of theft or loss of:
Laptops
Smart phones
Tablets
Removable media
18
p. 157 Example 5.6 Veterans Affairs employee was working from home. Laptop and external hard drive stolen. Unencrypted information on 26.5M people, including names, SSNs, and DOBs
19
Employee Errors p. 157
Unknowingly download malware
Use an unsecure computer network
Inadvertently release personal information
20
p. 157 Example 5.7 The Boston Globe accidentally recycled paper containing subscriber financial data and used the recycled paper for routing slips in 9,000 bundles of newspapers – distributed to retailers and newspaper carriers. Info on about 240,000 subscribers disclosed
21
pp. 158-159 Costs of Cybersecurity Breach
Internal Costs to investigate and respond
External Costs like lost business and damaged equipment
22
p. 158 Internal Costs of Breach
Detect and deter: IT guy or other security
Investigate: forensic accountant to determine what, if anything, was taken
Containment: shut down unsecure applications and stop an attack
Recovery: back up and restore data
Response: improve system to deter future attack
23
pp. 158-159 External Costs of a Breach
Information loss or theft: attorneys, reporting, identity repair, penalties and fines, lawsuits
Business disruption: downtime
Equipment damage: repair or replace software and systems
Lost revenue: damage to reputation, lost customers
24
pp. 159-161 Risk Management
Reduce likelihood of breach:
IT manager
Employee training and awareness
System security, encryption, passwords
Intrusion prevention and detection system
Separate guest network, etc.
25
pp. 161-162 Risk Management Cont.
Reduce the size of a loss:
Response plan
Cybersecurity insurance
26
pp. 162-163 Cybersecurity Insurance
Transfers cost of loss to insurance co.
Look closely at what is covered:
Loss of income
Equipment damage
Attorney, forensic investigator, PR person
Third party claims and defense
Ransom $
Regulatory fines or penalties, etc.
27
p. 163 Coverage Limits and Cost
Coverage limits depend on: Size and scope of business; Number of customers; Presence on the Internet
Coverage cost depends on: Number of clients; Loss history; Selected coverage
28
pp Appendix 2
Sample Information Security Plan
Every tax practice should have one
29
Questions?